CLAIMS 



What is claimed is : 

1 . A method comprising: 

receiving in a virtual machine contents of a program for creating a 
virtual environment for interacting with a host platform in a computing 
device; and 

determining by the virtual machine if the received contents 
comprises predetermined instructions for performing at least one 
imauthorized task. 

2. The method of claim 1, wherein the determining if the received contents 
comprises predetermined instructions further comprises: 

comparing the received contents of the program to at least one 
predetermined instruction pattems corresponding to the predetermined 
instructions for performing the at least one unauthorized task; and 

purging the predetermined instructions ifrom the received contents based 
on the comparing. 

3. The method of claim 2, wherein the comparing the contents of the 
received program to at least one predetermined instruction pattems further 
comprises: 

searching predetermined locations of the received contents of the 
program for the predetermined instructions. 

4. The method of claim 2, wherein the virtual machine comprises a 
translation cache, wherein the contents of the program reside in the translation cache, 
and wherein determining if the received contents comprises predetermined instructions 
further comprises: 

checking a branch target at the outlets of the translation cache ; and 
determining if the checked branch target comprises at least one of a 
translation cache and the execution engine. 
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5. The method of claim 4, further comprising: 

generating checking and determining instructions for performing 
the checking the branch target and determining if the checked branch 
target comprises at least one of a translation cache and the execution 
engine. 

6. The method of claim 2, wherein the virtual machine comprises an 
execution engine and at least one interpret function invoked by the execution 
engine, wherein the contents of the program reside in the at least one interpret 
function. 

7. A system comprising: 

a virtual machine to receive contents of a program for creating a virtual 
environment for interacting with a host platform in a computing device, the 
virtual machine comprising a detector subsystem to determine if the received 
contents comprises predetermined instructions for performing at least one 
unauthorized task. 

8. The system of claim 7, wherein the detector subsystem is to purge the 
predetermined instructions from the received contents of the program, wherein the 
detector subsystem further comprises: 

a comparator logic to compare the received contents of the program 
to at least one predetermined instruction patterns corresponding to the 
predetermined instructions for performing the at least one unauthorized task; 
and 

a search logic to search predetermined locations of the received contents of 
the program for the predetermined instructions. 

9. The system of claim 7, wherein the virtual machine comprises: 
at least one of a translation cache to store translation data; 
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a translation engine to invoke the detector subsystem to determine 
if the contents of a translation data storage comprises predetermined 
instructions for performing at least one unauthorized task; 

at least one loader, to receive contents of a program and to invoke 
the detector subsystem; 

at least one interpreter function; and 

an execution engine to invoke the detector subsystem to determine if 
the contents of the at least one interpret function invoked by the execution 
engine comprises predetermined instructions for performing at least one 
imauthorized task. 

1 0. The system of claim 9, wherein ttie detector subsystem further 
comprises: 

translation cache logic to check a branch target at the outlets of the 
translation cache and to determine if the checked branch target comprises at least 
one of a translation cache and the execution engine, based on translation cache 
logic instructions; and 

an instruction generation subsystem to generate the translation cache logic 
instructions. 

1 1 . The method of claim 8, v/herein the at least one predetermined 
instruction patterns are stored in a database in communication with the virtual 
machine. 

12. A storage medium that provides software that, if executed by a 
computing device, will cause the computing device to perform the following 
operations: 

receiving in a virtual machine contents of a program for creating a 
virtual envirorunent for interacting with a host platform in a computing 
device; and 
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determining by the virtual machine if the received contents 
comprises predetermined instructions for performing at least one 
unauthorized task. 

13. The storage medium of claim 12 fiirther comprising software to: 
compare the received contents of the program to at least one 

predetermined instmction patterns corresponding to the predetermined 
instructions for performing the at least one unauthorized task; and 

purge the predetermined instructions from the received contents 
based on the comparing. 

14. The storage mecUum of cMm 13 further comprising software to: 

search predetermined locations of the received contents of the program for 
the predetermined instructions 

15. A method comprising: 

receiving a system call for a host platform in communication witii 
a virtual machine of a computing device; and 

determining by the virtual machine if the received system call 
comprises at least one predetermined system call for performing at least one 
unauthorized task. 

16. The method of claim 15, wherein the determining if the received 
system call comprises predetermined system call further comprises: 

comparing the system call to at least one predetermined system call 
patterns corresponding to tiie predctennined system calls for performing the at 
least one unauthorized task. 

17. The method of claim 16, wherein the unauthorized task comprises: 
a task predetermined to be an inhibitive task by the computing 

device; and 

a task to ou^ut data into memory regioris storing at least one of 
insti^ctions and data for operations of the virtual machine. 
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18. A method comprising: 

receiving a virtualized memory address for a host platform in 
communication with a virtual machine of a computing device; and 

determining by the virtual machine if the received virtualized memory 
address comprises at least one predetermined unauthorized virtualized 
memory address. 

19. The method of claim 18, wherein the virtual machine further 
comprises: 

at least one of a translation cache to store translation data; 
an execution engine; and 

at least one interpret function invoked by the execution engine. 

20. The method of claim 19, wherein the determining by the virtual 
machine if the received virtualized memory address comprises at least one 
predetermined unauthorized virtualized memory address comprises: 

determining if the virtualized memory address is in a memory 
space available to the translation cache; 

determining if the virtualized memory address is in a memory 
space available to the at least one interpret function; and 

determining if the virtualized memory address is in a memory space region 
storing at least one of instructions and data for operations of the virtual machine. 
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